Google · Android · CVE-2019-2102
**Name of the Vulnerable Software and Affected Versions**
Android versions 7.0 through 9
**Description**
The issue concerns the improper use of crypto in Bluetooth Low Energy (BLE) devices, specifically when a hardcoded Long Term Key (LTK) is used. This could theoretically allow a proximate attacker to remotely inject keystrokes on a paired Android host without requiring user interaction.
**Recommendations**
For Android versions 7.0 through 9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.